PlayStation 3 Browser Investigation for PS3 Devs by Cakehonolulu

As work began porting the PS3 WebKitSploit and PS3 Playground, @cakehonolulu let us know in the Shoutbox of a write-up he did recently Investigating the PS3 Browser on Github for PlayStation 3 developers.

Those interested can check out the article in it's entirety HERE, and to quote from it in part:

But how can we exploit PS3's WebKit engine then?

Well, that's a matter of time, you can look up on the Internet about old Webkit bugs and test if they work on the PS3, then you could craft an exploit from them. But what's the point of running unsigned code on the userland in the PS3 nowadays when Custom Firmwares are up on all the Scenes and Downgrading has become a very used technique in order to install a full-blown Custom Firmware on the PS3?

Well, there are a lot of people that can't afford a downgrader, or they don't know how to solder, or they fear that they will kill the PS3 by doing thoose things... There are a lot of reasons to research on newer PS3 models, but the first one is: Doing it for fun as past hackers did it.

Hey! Where's my TL;DR

Well, i'll resume this as much as I can: Motivated by some fellas that were porting PS4 WebKit exploits to PS3, found out that they can't work on the PS3 because Sony has (Again) failed to provide a good WebKit base by removing functionalities that are useful (In this case, TypedArrays) in the Webkit exploiting world.

 

[bombob]

well its too bad things are gona take a lot more time for 4.81 OFW ps3 owners. I was all hyped

 

[ayat123]

ah some good news after a long wait

 

[Mason Norman]

omg development for newer PS3 consoles

 

[esc0rtd3w]

this is amazing! Thanks dude! Keep that thing updated whenever possible, cause my brain is hurting enough already...lol

Question: If Flash 9 can handle TypedArrays or perhaps other apps, or even the PSN Store could emulate this functionality, wouldn't some of the TypedArray stuff be viable or am I just talking out of my

do you think we could leverage HTML5 to do TypedArrays?? Sorry so many questions

 

[cakehonolulu]

this is amazing! Thanks dude! Keep that thing updated whenever possible, cause my brain is hurting enough already...lol

Question: If Flash 9 can handle TypedArrays or perhaps other apps, or even the PSN Store could emulate this functionality, wouldn't some of the TypedArray stuff be viable or am I just talking out of my

do you think we could leverage HTML5 to do TypedArrays?? Sorry so many questions

Well, I'm not sure if PS3's Browser Flash applet can be exploited or not, but what i'm sure is that the PS4 exploits that are being ported, won't work.

If you could craft some sort of Array that resembles the one that is missing on the PS3's Webkit, then you could exploit the PS3 without any problems.

 

[SSShowmik]

Plot twist: cake works for Sony and doesn't want anyone to try the PS4 xploit on ps3

 

[testingdis]

i used html5test.com to test the features the browser supports and noticed that it doesn't support much features.

esc0rtd3w looks as though he has found something here github/esc0rtd3w/ps3-playground/blob/master/test/index.html
but it just looks as if hes copy pasting CVE articles and doesn't actually know how to exploit it

 

[esc0rtd3w]

@testingdis i also used html5test.com and yes the PS3 browser is VERY limited.... actually was copying those CVE vulns so other people can test on their own. Our team already has working exploits for 4.81 that we are currently working on.

and yeah, you are right.... i do not know how to exploit it please show us the way! haha